summaryrefslogtreecommitdiffstats
path: root/tools
diff options
context:
space:
mode:
authorDan Carpenter <dan.carpenter@oracle.com>2019-04-03 10:13:51 +0300
committerDavid S. Miller <davem@davemloft.net>2019-04-06 15:05:07 -0700
commit6491d698396fd5da4941980a35ca7c162a672016 (patch)
tree808896ceb6b2639bf7d00c8d086000b13abefabd /tools
parentd7ee81ad09f072eab1681877fc71ec05f9c1ae92 (diff)
downloadlinux-6491d698396fd5da4941980a35ca7c162a672016.tar.gz
linux-6491d698396fd5da4941980a35ca7c162a672016.tar.bz2
linux-6491d698396fd5da4941980a35ca7c162a672016.zip
nfc: nci: Potential off by one in ->pipes[] array
This is similar to commit e285d5bfb7e9 ("NFC: Fix the number of pipes") where we changed NFC_HCI_MAX_PIPES from 127 to 128. As the comment next to the define explains, the pipe identifier is 7 bits long. The highest possible pipe is 127, but the number of possible pipes is 128. As the code is now, then there is potential for an out of bounds array access: net/nfc/nci/hci.c:297 nci_hci_cmd_received() warn: array off by one? 'ndev->hci_dev->pipes[pipe]' '0-127 == 127' Fixes: 11f54f228643 ("NFC: nci: Add HCI over NCI protocol support") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'tools')
0 files changed, 0 insertions, 0 deletions